At school, there is a large network with lots of non-technical minded people and lots of viruses. How can I protect my flash drive from these worms and viruses so I don't bring them home and infect my home computers?

In this case it's more a "what to do after your usb is infected", unfortunately, it doesn't protect the flash-drive in the first place. Though these are the things to do, when it's too late.
–
GnoupiAug 30 '09 at 9:19

@Gnoupi, following these rules will keep your home-pc protected by drawing a line between the home-pc and the school. The flash drive can safely remain on the school side of this fence. It is easier that way.
–
nikAug 30 '09 at 9:33

@warren, you are troubled by a "quick format" that protects your home PC from potential malware? And, I'd still suggest keeping Autorun off at all times (regardless of using this scheme).
–
nikAug 31 '09 at 10:43

In my opinion, this is what answers the best the question, as it is the only way to make sure you won't catch a virus on a school computer. However, this has the major drawback that you can't write on the key, only read its content.
–
GnoupiAug 30 '09 at 9:22

If no data was to be moved from school to home, there is no need for a locked drive. Just format it straight on the next use.
–
nikAug 30 '09 at 9:42

for a link. I would've posted it, but have signed out of OpenID, and apparently unregistered/new users can only post one link in a message. And, reading the Yahoo page will be quite useful.

The "unmodifiable" autorun.inf is actually:
a) a directory named autorun.inf with SHR attributes that,
b) contains a very strange file, named "lpt3.This folder was created by Flash_Disinfector", which can neither be copied, deleted, or renamed by Windows. If I remember correctly, documentation somewhere says that the only way to remove this unmodifiable autorun.inf folder is by formatting the drive. However, Linux is not subject to these restrictions, and can easily copy/move/rename the folder.

Flash_Disinfector.exe is actually a RAR-SFX (self-extracting) archive. One of the archive's contents, nircmd.exe - which is used to silently execute commands - might trigger your existing security software.

Disabling Autorun: one way is to via Microsoft's TweakUI. Install and run it, and then (inside it) navigate to My Computer->AutoPlay->Types. There, uncheck "enable Autoplay for all CD and DVD drives" and "enable Autoplay for removable devices."
–
testsubjectalphaAug 31 '09 at 10:37

One of the main suggestions would be to ensure that you have up to date antivirus software on your home computer. There are many free solutions out there including the popular AVG free anti-virus.

You can test basic functionality if you are concerned by downloading the Eicar test file to check if it is detecting nasties. Simply save the Eicar file onto your flash drive from school, take it home and see if your antivirus detects it when you plug it in or if you go to open the file. It is NOT a virus, it is just a file which contains a certain string of text that the majority of antivirus programs have been programmed to recognise as a virus for testing purposes.

Obviously, nothing will completely stop viruses so only copy from your school network what you really know about.

Does your school network have antivirus software running on all the computers? Again, you could test this by downloading the Eicar test file above and try to open it.

"Flash_Disinfector.exe" works in a way sort-of similar to Panda USB Vaccine, by creating an unmodifiable autorun.inf entry in the root of partitions and pen drives.

There is, however, one scenario in which the protection afforded by an unmodifiable autorun.inf can be bypassed. There's an infection - which may be called "New Folder.exe" - that scans flash drives, and creates copies of itself in every directory, giving those copies the same name as the directory. Even with an unmodifiable autorun.inf, it is possible to mistakenly execute the malware's copies...

Use a live USB GNU/Linux distribution, maybe with a separate FAT32 partition for your files if you use Windows at home. To access your files at the school, don't insert the flash into the working computer but boot from it instead. This will guarantee that no viruses at the computer are activated, and will let you access your files as usual (if the Linux distro supports NTFS, but most of them do this now)